blob: b488f7f626c7d113c7b83edad8ccd9e05b02e1a6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
https://sourceforge.net/p/libircclient/code/141/
https://sourceforge.net/p/libircclient/code/142/
--- libircclient-1.10/src/ssl.c
+++ libircclient-1.10/src/ssl.c
@@ -114,26 +114,23 @@
#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_library_init();
#else
- OPENSSL_init_ssl(0, NULL);
+ if ( OPENSSL_init_ssl(0, NULL) == 0 )
+ return LIBIRC_ERR_SSL_INIT_FAILED;
#endif
if ( RAND_status() == 0 )
return LIBIRC_ERR_SSL_INIT_FAILED;
// Create an SSL context; currently a single context is used for all connections
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
ssl_context = SSL_CTX_new( SSLv23_method() );
+#else
+ ssl_context = SSL_CTX_new( TLS_client_method() );
+#endif
if ( !ssl_context )
return LIBIRC_ERR_SSL_INIT_FAILED;
- // Disable SSLv2 as it is unsecure
- if ( (SSL_CTX_set_options( ssl_context, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2) == 0 )
- return LIBIRC_ERR_SSL_INIT_FAILED;
-
- // Enable only strong ciphers
- if ( SSL_CTX_set_cipher_list( ssl_context, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH" ) != 1 )
- return LIBIRC_ERR_SSL_INIT_FAILED;
-
// Set the verification
if ( session->options & LIBIRC_OPTION_SSL_NO_VERIFY )
SSL_CTX_set_verify( ssl_context, SSL_VERIFY_NONE, 0 );
|